Search squid archive

Re: secured authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



tis 2009-09-29 klockan 21:28 -0500 skrev David Boyer:
> I've been using squid_ldap_auth (Squid 2.7, SLES 11) for basic
> authentication, and it wasn't terribly difficult to set up. What
> concerns me is the passing of credentials from the browser to Squid in
> plain text. When we use basic authentication anywhere else, the web
> site usually requires HTTPS. I'm not seeing an easy way to do that
> with Squid.

Squid can via it's https_port directive, but there is no known browsers
supporting SSL encrypted proxy connections.

> We have a full Active Directory environment, and everyone using Squid has a domain account. Our users use a combination of Firefox 3.x, IE, and Safari.

Then NTLM or Kerberos/Negotiate authentication should be a viable option
for you.

The other available option Digest authentication unfortunately can not
integrate with Active Directory that easy...

> What options are there for using authentication with Squid while also
> ensuring the credentials passed between the browser and Squid are
> encrypted? The stunnel approach would not be an option for us.

And neither is pushing the browser vendors to have support for SSL
encrypted proxy connections I suppose?

Regards
Henrik


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux